
Security audit

Reversible Keyword Masking

Security checks across malware telemetry and agentic risk

Overview

This skill is a local document masking tool whose file processing is disclosed; the audit found no evidence of network exfiltration or hidden persistence.

Install only if you are comfortable with a local CLI reading and writing documents in its working directory. Keep mapping files, password files, and RKM_KEY private and out of Git. For documents from untrusted sources, prefer .txt, .md or .docx where possible, or run legacy .doc conversion in a sandboxed or offline environment: .doc input is handed to Word (via COM) or LibreOffice for conversion, and those parsers have their own attack surface.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
env["RKM_WORD_OUTPUT"] = str(output_path)
env["RKM_WORD_FORMAT"] = str(file_format)
creationflags = getattr(subprocess, "CREATE_NO_WINDOW", 0)
result = subprocess.run(
    [powershell, "-NoProfile", "-NonInteractive", "-ExecutionPolicy", "Bypass", "-Command", script],
    capture_output=True,
    text=True,
Confidence
91% confidence
Finding
result = subprocess.run( [powershell, "-NoProfile", "-NonInteractive", "-ExecutionPolicy", "Bypass", "-Command", script], capture_output=True, text=True, encoding="

subprocess module call

Medium
Category
Dangerous Code Execution
Content
target_ext = output_path.suffix.lower().lstrip(".")
with tempfile.TemporaryDirectory(prefix="rkm-lo-") as tmp:
    tmp_dir = Path(tmp)
    result = subprocess.run(
        [executable, "--headless", "--convert-to", target_ext, "--outdir", str(tmp_dir), str(input_path)],
        capture_output=True,
        text=True,
Confidence
88% confidence
Finding
result = subprocess.run( [executable, "--headless", "--convert-to", target_ext, "--outdir", str(tmp_dir), str(input_path)], capture_output=True, text=True,

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill's stated purpose is local masking/restoration, but the code quoted above adds external document conversion via Word COM and LibreOffice. That extra capability materially broadens the trust boundary: it exposes the host to third-party parsers and automation engines that may process hostile .doc content.
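What the two "subprocess module call" findings above actually establish is decided by a handful of properties of each call, not by the presence of subprocess itself. The following is an added example written for this page (it is not SkillSpector's scanner and not the skill's own code): an ast-based triage pass that reports those properties. The sample sources are constructed to match the shape of the quoted excerpts, which are truncated on this page, so the trailing keyword arguments of the real calls (the cut-off encoding= and anything after it) are not represented; a third, deliberately weak sample is included for contrast.

```python
"""Triage helper for 'subprocess module call' findings (added example for this
audit page; not SkillSpector's code and not the audited tool's own code).
It parses Python source with the standard ast module and reports the
properties that separate a benign argv-list call from an injectable one."""
import ast
from dataclasses import dataclass

SUBPROCESS_FUNCS = {"run", "Popen", "call", "check_call", "check_output"}


@dataclass
class SubprocessFinding:
    lineno: int
    func: str     # e.g. "subprocess.run"
    notes: list   # human-readable reasons the call needs review


def _is_subprocess_call(node: ast.Call) -> bool:
    f = node.func
    return (isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name)
            and f.value.id == "subprocess" and f.attr in SUBPROCESS_FUNCS)


def _uses_interpolation(node: ast.AST) -> bool:
    """True if argv is assembled from f-strings, %-formatting, '+' or str.format."""
    for n in ast.walk(node):
        if isinstance(n, ast.JoinedStr):
            return True
        if isinstance(n, ast.BinOp) and isinstance(n.op, (ast.Add, ast.Mod)):
            return True
        if (isinstance(n, ast.Call) and isinstance(n.func, ast.Attribute)
                and n.func.attr == "format"):
            return True
    return False


def _const_strings(argv) -> list:
    """String literals that appear directly as elements of a literal argv list."""
    if not isinstance(argv, (ast.List, ast.Tuple)):
        return []
    return [e.value for e in argv.elts
            if isinstance(e, ast.Constant) and isinstance(e.value, str)]


def audit_subprocess(source: str) -> list:
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and _is_subprocess_call(node)):
            continue
        kwargs = {k.arg: k.value for k in node.keywords if k.arg}
        argv = node.args[0] if node.args else kwargs.get("args")
        notes = []
        shell = kwargs.get("shell")
        if isinstance(shell, ast.Constant) and shell.value is True:
            notes.append("shell=True: argv is parsed by a shell, so metacharacters in paths are live")
        if not isinstance(argv, (ast.List, ast.Tuple)):
            notes.append("argv is not a literal list: argument boundaries cannot be confirmed statically")
        if argv is not None and _uses_interpolation(argv):
            notes.append("argv built by string interpolation: review every interpolated value")
        if "timeout" not in kwargs:
            notes.append("no timeout: a hung converter blocks the caller indefinitely")
        consts = _const_strings(argv)
        for a, b in zip(consts, consts[1:]):
            if a == "-ExecutionPolicy" and b.lower() == "bypass":
                notes.append("-ExecutionPolicy Bypass: host script policy is disabled for this call")
        if "-Command" in consts:
            notes.append("-Command: inline script text; confirm it is a constant and data arrives via env or files")
        findings.append(SubprocessFinding(node.lineno, f"subprocess.{node.func.attr}", notes))
    return findings


# Constructed samples. The first two mirror the shape of the excerpts quoted on
# this page (the real calls are truncated there, so these are not the tool's
# actual code); the third is a deliberately weak variant for contrast.
SAMPLE_WORD = '''
result = subprocess.run(
    [powershell, "-NoProfile", "-NonInteractive", "-ExecutionPolicy", "Bypass", "-Command", script],
    capture_output=True,
    text=True,
)
'''
SAMPLE_LIBREOFFICE = '''
result = subprocess.run(
    [executable, "--headless", "--convert-to", target_ext, "--outdir", str(tmp_dir), str(input_path)],
    capture_output=True,
    text=True,
)
'''
SAMPLE_WEAK = '''
result = subprocess.run(f"soffice --headless --convert-to {target_ext} {input_path}", shell=True)
'''

if __name__ == "__main__":
    for name, src in [("word", SAMPLE_WORD), ("libreoffice", SAMPLE_LIBREOFFICE), ("weak", SAMPLE_WEAK)]:
        for f in audit_subprocess(src):
            print(f"[{name}] line {f.lineno} {f.func}")
            for note in f.notes:
                print("   -", note)
```

Against the quoted shapes, both excerpts pass the two checks that would make a Medium finding a real injection (no shell=True, argv is a literal list), and what remains are the points a scanner cannot decide for you: whether powershell and executable resolve to a fixed path rather than the first match on PATH, whether script is a constant (the RKM_WORD_OUTPUT and RKM_WORD_FORMAT assignments in the excerpt indicate data is passed through the environment rather than interpolated into the script, which is the right pattern), whether a timeout appears in the truncated portion, and whether target_ext is restricted to formats LibreOffice is expected to write.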

VirusTotal

65/65 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.